func TestDockerCfgAuth(t *testing.T) { authString := base64.StdEncoding.EncodeToString([]byte(testAuthUser + ":" + testAuthPass)) cfg := defaultTestConfig() cfg.EngineAuthData = config.NewSensitiveRawMessage([]byte(`{"http://` + testAuthRegistryHost + `/v1/":{"auth":"` + authString + `"}}`)) cfg.EngineAuthType = "dockercfg" removeImage(testAuthRegistryImage) taskEngine, done, _ := setup(cfg, t) defer done() defer func() { cfg.EngineAuthData = config.NewSensitiveRawMessage(nil) cfg.EngineAuthType = "" }() testTask := createTestTask("testDockerCfgAuth") testTask.Containers[0].Image = testAuthRegistryImage taskEvents, contEvents := taskEngine.TaskEvents() defer discardEvents(contEvents)() go taskEngine.AddTask(testTask) expected_events := []api.TaskStatus{api.TaskRunning} for taskEvent := range taskEvents { if taskEvent.TaskArn != testTask.Arn { continue } expected_event := expected_events[0] expected_events = expected_events[1:] if taskEvent.Status != expected_event { t.Error("Got event " + taskEvent.Status.String() + " but expected " + expected_event.String()) } if len(expected_events) == 0 { break } } taskUpdate := *testTask taskUpdate.DesiredStatus = api.TaskStopped go taskEngine.AddTask(&taskUpdate) for taskEvent := range taskEvents { if taskEvent.TaskArn == testTask.Arn { if !(taskEvent.Status >= api.TaskStopped) { t.Error("Expected only terminal events; got " + taskEvent.Status.String()) } break } } }
func TestDockerAuth(t *testing.T) { taskEngine := setup(t) removeImage(testAuthRegistryImage) cfg.EngineAuthData = config.NewSensitiveRawMessage([]byte(`{"http://` + testAuthRegistryHost + `":{"username":"******","password":"******"}}`)) cfg.EngineAuthType = "docker" defer func() { cfg.EngineAuthData = config.NewSensitiveRawMessage(nil) cfg.EngineAuthType = "" }() testTask := createTestTask("testDockerAuth") testTask.Containers[0].Image = testAuthRegistryImage taskEvents, contEvents := taskEngine.TaskEvents() defer discardEvents(contEvents)() go taskEngine.AddTask(testTask) expected_events := []api.TaskStatus{api.TaskRunning} for taskEvent := range taskEvents { if taskEvent.TaskArn != testTask.Arn { continue } expected_event := expected_events[0] expected_events = expected_events[1:] if taskEvent.Status != expected_event { t.Error("Got event " + taskEvent.Status.String() + " but expected " + expected_event.String()) } if len(expected_events) == 0 { break } } taskUpdate := *testTask taskUpdate.DesiredStatus = api.TaskStopped go taskEngine.AddTask(&taskUpdate) for taskEvent := range taskEvents { if taskEvent.TaskArn == testTask.Arn { if !(taskEvent.Status >= api.TaskStopped) { t.Error("Expected only terminal events; got " + taskEvent.Status.String()) } break } } }
func TestUnavailableVersionError(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().Return(mockDocker, nil) client, err := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{}), false) if err != nil { t.Fatal(err) } vclient := client.WithVersion(dockerclient.DockerVersion("1.21")) factory.EXPECT().GetClient(dockerclient.DockerVersion("1.21")).Times(1).Return(nil, errors.New("Cannot get client")) metadata := vclient.StartContainer("foo") if metadata.Error == nil { t.Fatal("Expected error, didn't get one") } if namederr, ok := metadata.Error.(api.NamedError); ok { if namederr.ErrorName() != "CannotGetDockerclientError" { t.Fatal("Wrong error name, expected CannotGetDockerclientError but got " + namederr.ErrorName()) } } else { t.Fatal("Error was not a named error") } }
func TestPullImageECRSuccess(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().AnyTimes().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().AnyTimes().Return(mockDocker, nil) client, _ := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{}), false) goClient, _ := client.(*dockerGoClient) ecrClientFactory := mock_ecr.NewMockECRFactory(ctrl) ecrClient := mock_ecr.NewMockECRSDK(ctrl) goClient.ecrClientFactory = ecrClientFactory testTime := ttime.NewTestTime() ttime.SetTime(testTime) registryId := "123456789012" region := "eu-west-1" endpointOverride := "my.endpoint" authData := &api.RegistryAuthenticationData{ Type: "ecr", ECRAuthData: &api.ECRAuthData{ RegistryId: registryId, Region: region, EndpointOverride: endpointOverride, }, } imageEndpoint := "registry.endpoint" image := imageEndpoint + "/myimage:tag" username := "******" password := "******" dockerAuthConfiguration := docker.AuthConfiguration{ Username: username, Password: password, ServerAddress: "https://" + imageEndpoint, } getAuthorizationTokenInput := &ecrapi.GetAuthorizationTokenInput{ RegistryIds: []*string{aws.String(registryId)}, } ecrClientFactory.EXPECT().GetClient(region, endpointOverride).Return(ecrClient) ecrClient.EXPECT().GetAuthorizationToken(getAuthorizationTokenInput).Return( &ecrapi.GetAuthorizationTokenOutput{ AuthorizationData: []*ecrapi.AuthorizationData{ &ecrapi.AuthorizationData{ ProxyEndpoint: aws.String("https://" + imageEndpoint), AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))), }, }, }, nil) mockDocker.EXPECT().PullImage( &pullImageOptsMatcher{image}, dockerAuthConfiguration, ).Return(nil) metadata := client.PullImage(image, authData) if metadata.Error != nil { t.Error("Expected pull to succeed") } }
// initDockerClient initializes engine's docker client. func (engine *DockerStatsEngine) initDockerClient() error { if engine.client == nil { client, err := ecsengine.NewDockerGoClient(nil, "", config.NewSensitiveRawMessage([]byte(""))) if err != nil { return err } engine.client = client } return nil }
func dockerclientSetup(t *testing.T) (*mock_dockeriface.MockClient, *DockerGoClient, *ttime.TestTime, func()) { ctrl := gomock.NewController(t) mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().AnyTimes().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().AnyTimes().Return(mockDocker, nil) client, _ := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{})) testTime := ttime.NewTestTime() ttime.SetTime(testTime) return mockDocker, client, testTime, ctrl.Finish }
func TestPingFailError(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().Return(errors.New("err")) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().Return(mockDocker, nil) _, err := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{}), false) if err == nil { t.Fatal("Expected ping error to result in constructor fail") } }
func TestDockerCfgAuth(t *testing.T) { authData := []byte(strings.Join(append([]string{`{`}, `"example.tld/user2":{"auth":"`+dragonAuth+`","email":"*****@*****.**"},`, `"example.tld":{"auth":"`+secretAuth+`","email":"*****@*****.**"}`, `}`), "")) // Avoid accidentally loading the test-runner's .dockercfg credentialprovider.SetPreferredDockercfgPath("/dev/null") SetConfig(&config.Config{EngineAuthType: "dockercfg", EngineAuthData: config.NewSensitiveRawMessage(authData)}) for ndx, pair := range expectedPairs { authConfig := GetAuthconfig(pair.Image) if authConfig.Email != pair.ExpectedEmail || authConfig.Username != pair.ExpectedUser || authConfig.Password != pair.ExpectedPass { t.Errorf("Expectation failure: #%v. Got %v, wanted %v", ndx, authConfig, pair) } } }
func dockerclientSetup(t *testing.T) (*mock_dockeriface.MockClient, *dockerGoClient, *mock_ttime.MockTime, func()) { ctrl := gomock.NewController(t) mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().AnyTimes().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().AnyTimes().Return(mockDocker, nil) mockTime := mock_ttime.NewMockTime(ctrl) conf := config.DefaultConfig() conf.EngineAuthData = config.NewSensitiveRawMessage([]byte{}) client, _ := NewDockerGoClient(factory, false, &conf) goClient, _ := client.(*dockerGoClient) ecrClientFactory := mock_ecr.NewMockECRFactory(ctrl) goClient.ecrClientFactory = ecrClientFactory goClient._time = mockTime return mockDocker, goClient, mockTime, ctrl.Finish }
func TestUsesVersionedClient(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().Return(mockDocker, nil) client, err := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{}), false) if err != nil { t.Fatal(err) } vclient := client.WithVersion(dockerclient.DockerVersion("1.20")) factory.EXPECT().GetClient(dockerclient.DockerVersion("1.20")).Times(2).Return(mockDocker, nil) mockDocker.EXPECT().StartContainer(gomock.Any(), gomock.Any()).Return(nil) mockDocker.EXPECT().InspectContainer(gomock.Any()).Return(nil, errors.New("err")) vclient.StartContainer("foo") }
func TestPullImageECRAuthFail(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() mockDocker := mock_dockeriface.NewMockClient(ctrl) mockDocker.EXPECT().Ping().AnyTimes().Return(nil) factory := mock_dockerclient.NewMockFactory(ctrl) factory.EXPECT().GetDefaultClient().AnyTimes().Return(mockDocker, nil) client, _ := NewDockerGoClient(factory, "", config.NewSensitiveRawMessage([]byte{}), false) goClient, _ := client.(*dockerGoClient) ecrClientFactory := mock_ecr.NewMockECRFactory(ctrl) ecrClient := mock_ecr.NewMockECRSDK(ctrl) goClient.ecrClientFactory = ecrClientFactory testTime := ttime.NewTestTime() ttime.SetTime(testTime) registryId := "123456789012" region := "eu-west-1" endpointOverride := "my.endpoint" authData := &api.RegistryAuthenticationData{ Type: "ecr", ECRAuthData: &api.ECRAuthData{ RegistryId: registryId, Region: region, EndpointOverride: endpointOverride, }, } imageEndpoint := "registry.endpoint" image := imageEndpoint + "/myimage:tag" ecrClientFactory.EXPECT().GetClient(region, endpointOverride).Return(ecrClient) ecrClient.EXPECT().GetAuthorizationToken(gomock.Any()).Return(&ecrapi.GetAuthorizationTokenOutput{}, errors.New("test error")) metadata := client.PullImage(image, authData) if metadata.Error == nil { t.Error("Expected pull to fail") } }
func TestStatsEngineWithDockerTaskEngine(t *testing.T) { // This should be a functional test. Upgrading to docker 1.6 breaks our ability to // read state.json file for containers. t.Skip("Skipping integ test as this is really a functional test") taskEngine := engine.NewTaskEngine(&config.Config{}) container, err := createGremlin(client) if err != nil { t.Fatal("Error creating container", err) } defer client.RemoveContainer(docker.RemoveContainerOptions{ ID: container.ID, Force: true, }) unmappedContainer, err := createGremlin(client) if err != nil { t.Fatal("Error creating container", err) } defer client.RemoveContainer(docker.RemoveContainerOptions{ ID: unmappedContainer.ID, Force: true, }) containers := []*api.Container{ &api.Container{ Name: "gremlin", }, } testTask := api.Task{ Arn: "gremlin-task", DesiredStatus: api.TaskRunning, KnownStatus: api.TaskRunning, Family: "test", Version: "1", Containers: containers, } // Populate Tasks and Container map in the engine. dockerTaskEngine, _ := taskEngine.(*engine.DockerTaskEngine) dockerTaskEngine.State().AddTask(&testTask) dockerTaskEngine.State().AddContainer( &api.DockerContainer{ DockerId: container.ID, DockerName: "gremlin", Container: containers[0], }, &testTask) statsEngine := NewDockerStatsEngine(&cfg) statsEngine.client, err = engine.NewDockerGoClient(nil, "", config.NewSensitiveRawMessage([]byte(""))) if err != nil { t.Fatal("Error initializing docker client: ", err) } err = statsEngine.MustInit(taskEngine, defaultCluster, defaultContainerInstance) if err != nil { t.Error("Error initializing stats engine: ", err) } err = client.StartContainer(container.ID, nil) defer client.StopContainer(container.ID, defaultDockerTimeoutSeconds) if err != nil { t.Error("Error starting container: ", container.ID, " error: ", err) } err = client.StartContainer(unmappedContainer.ID, nil) defer client.StopContainer(unmappedContainer.ID, defaultDockerTimeoutSeconds) if err != nil { t.Error("Error starting container: ", unmappedContainer.ID, " error: ", err) } // Wait for the stats collection go routine to start. time.Sleep(checkPointSleep) metadata, taskMetrics, err := statsEngine.GetInstanceMetrics() if err != nil { t.Error("Error gettting instance metrics: ", err) } if len(taskMetrics) != 1 { t.Error("Incorrect number of tasks. Expected: 1, got: ", len(taskMetrics)) } err = validateMetricsMetadata(metadata) if err != nil { t.Error("Error validating metadata: ", err) } err = validateContainerMetrics(taskMetrics[0].ContainerMetrics, 1) if err != nil { t.Error("Error validating container metrics: ", err) } err = client.StopContainer(container.ID, defaultDockerTimeoutSeconds) if err != nil { t.Error("Error stopping container: ", container.ID, " error: ", err) } time.Sleep(waitForCleanupSleep) // Should not contain any metrics after cleanup. err = validateIdleContainerMetrics(statsEngine) if err != nil { t.Fatal("Error validating metadata: ", err) } }
"testing" "github.com/GoogleCloudPlatform/kubernetes/pkg/credentialprovider" "github.com/aws/amazon-ecs-agent/agent/config" ) type testPair struct { input config.Config output credentialprovider.DockerConfig } var testPairs = []testPair{ testPair{ config.Config{ EngineAuthType: "docker", EngineAuthData: config.NewSensitiveRawMessage([]byte(`{"https://index.docker.io/v1/":{"username":"******","password":"******","email":"user@email"}}`)), }, credentialprovider.DockerConfig{ "https://index.docker.io/v1/": credentialprovider.DockerConfigEntry{ Username: "******", Password: "******", Email: "user@email", }, }, }, testPair{ config.Config{ EngineAuthType: "dockercfg", EngineAuthData: config.NewSensitiveRawMessage([]byte(`{"my.registry.tld":{"auth":"` + base64.StdEncoding.EncodeToString([]byte("test:dragon")) + `","email":"test@email"}}`)), }, credentialprovider.DockerConfig{
func init() { cfg.EngineAuthData = config.NewSensitiveRawMessage([]byte{}) dockerClient, _ = ecsengine.NewDockerGoClient(clientFactory, false, &cfg) }